为什么验证后为 false HttpContext.Current.Request.IsAuthenticated
我已经使用表单身份验证在我的网站上创建了登录名, 我不明白为什么在创建票证并将其添加到 cookie 后,
如果我检查 HttpContext.Current.Request.IsAuthenticated
我会得到 false。只有在连续的请求中,用户才会经过身份验证,
这是我的代码
var fat = new FormsAuthenticationTicket(
1,
username,
DateTime.Now,
DateTime.Now.AddMinutes(20),
rememberMe,
contact.Id + "," + contact.Role.Id,
FormsAuthentication.FormsCookiePath);
HttpContext.Current.Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(fat)));
,如果我检查 HttpContext.Current.Request.IsAuthenticated,我会得到 false,我认为此时用户已经过身份验证...
这是我的配置,
<authentication mode="Forms">
<forms loginUrl="/Admin/Login.aspx" name="FormAuthentication" />
</authentication>
<authorization>
<deny users="?"/>
</authorization>
谢谢。
I've created a login on my website using forms authentication,
I do not understand why after creating the ticket and adding it to the cookies
if I check for HttpContext.Current.Request.IsAuthenticated
i get false. Only on the successive request the user become authenticated
this is my code
var fat = new FormsAuthenticationTicket(
1,
username,
DateTime.Now,
DateTime.Now.AddMinutes(20),
rememberMe,
contact.Id + "," + contact.Role.Id,
FormsAuthentication.FormsCookiePath);
HttpContext.Current.Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(fat)));
at this point if I check for HttpContext.Current.Request.IsAuthenticated i get false, i thought a this point the user is authenticated...
this is my config
<authentication mode="Forms">
<forms loginUrl="/Admin/Login.aspx" name="FormAuthentication" />
</authentication>
<authorization>
<deny users="?"/>
</authorization>
thanks.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
因为这就是它的工作原理。此属性尝试从请求中读取 cookie,但没有任何 cookie,因为发送请求时客户端尚未经过身份验证。 cookie 被设置并在连续的客户端请求上发送到服务器。
成功验证用户身份后,您可以使用 Response.Redirect 重定向到网站经过身份验证的部分。另一种可能性是直接使用 RedirectFromLoginPage 方法,该方法执行两件事:发出 cookie 并重定向到
Because that's how it works. This property tries to read cookies from the request but there isn't any because when the request was sent the client wans't yet authenticated. The cookie is set and on successive client requests send to the server.
After successfully authenticating an user you could redirect to the authenticated part of the site using
Response.Redirect. Another possibility is to use directly the RedirectFromLoginPage method which performs two things: it emits the cookie and redirects to the page specified in the<forms>tag.